const express = require('express')
const cookieParser = require('cookie-parser')

// Create the Express application and register the cookie-parser middleware
// globally, so it runs on every incoming request before the route handlers.
const app = express();
const parseCookies = cookieParser();
app.use(parseCookies);

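/**
 * GET /login
 *
 * Applies a Referer-based CSRF filter and, when the request passes, sets the
 * `name` cookie and returns the login page text.
 *
 * The filter compares the host component of the Referer header with the Host
 * header of the request. Requests with a missing, unparseable or mismatching
 * Referer receive the 'CSRF 防护' response and no cookie is set.
 */
app.get('/login', (req, res) => {
  const host = req.get('host');
  const referer = req.get('referer');
  console.log(referer); // e.g. http://127.0.0.1:5500/
  console.log(host); // e.g. 127.0.0.1:3002

  // The Referer header is optional: browsers omit it for direct navigation and
  // under strict Referrer-Policy settings. Treat "absent" as "not trusted"
  // instead of dereferencing undefined, which would make the handler throw.
  let refererHost = null;
  if (typeof referer === 'string' && referer !== '') {
    try {
      // Compare the parsed host, not a substring of the whole URL. A substring
      // test also accepts a Referer that merely contains the host text in its
      // path, query string, or as part of a longer hostname.
      refererHost = new URL(referer).host.toLowerCase();
    } catch (parseError) {
      // Not a valid absolute URL: handled below as a failed check.
      refererHost = null;
    }
  }

  const expectedHost = typeof host === 'string' ? host.toLowerCase() : null;
  if (expectedHost === null || refererHost === null || refererHost !== expectedHost) {
    return res.send('CSRF 防护');
  }

  // NOTE(review): a Referer check is a secondary defence. Setting the cookie's
  // `sameSite` attribute and/or using a per-session CSRF token is the more
  // robust control; this cookie is also sent without `httpOnly` or `secure`.
  // 60 * 1000 * 60 ms = 3,600,000 ms, i.e. the cookie lives for one hour.
  res.cookie('name', 'zhangsan', { maxAge: 60 * 1000 * 60 });
  res.send('登录页面');
});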

// Start the HTTP server on port 3002 and log a message once it is accepting
// connections. No host argument is passed, so Node binds to the unspecified
// address (all interfaces), not only to loopback.
const PORT = 3002;
app.listen(PORT, function onListening() {
  console.log("express服务已经启动了");
});
